Arthur Besse to

Fediverse@lemmy.mlEnglish • 1 year ago

Mastodon security update: every version prior to today's is vulnerable to remote user impersonation and takeover

cross-posted to:
fediverse@lemmy.world

187

Mastodon security update: every version prior to today's is vulnerable to remote user impersonation and takeover

Arthur Besse to

Fediverse@lemmy.mlEnglish • 1 year ago

cross-posted to:
fediverse@lemmy.world

Remote user impersonation and takeover

### Summary Due to insufficient origin validation in all Mastodon, attackers can impersonate and take over any remote account. Every Mastodon version prior to 3.5.17 is vulnerable, as well as...

Chat

Steve's Place
link
fedilink
3•1 year ago
@cypherpunks Upgrading went smoothly.